I've accepted a position at a different company working on their security team and have been mentally putting together a list of questions to ask so I can rapidly get up to speed in the environment ...

A client has asked me to help them out with their WAF processes. Currently they have a few critical web applications being protected by a couple of WAFs. I have managed to get the WAFs tuned and ready ...

I know one systems administrator who runs SSH Server on his workstation to push files to it and check things from a phone but I think it is a bad idea for several reasons:
An operations workstation ...

How do large companies implement their security requirements which are centralized and used to drive things people can do (allowed to call a certain web-service, submit an order, etc.) as well as to ...